User Group Network News, Views, Reviews

Mac Malware Update

In this edition we have another mixed-up bag of news. There's really too much to report on in a single column, suggesting we break out the malware news into its own column! Here are the headlines …

* Microsoft’s botnet shutdown won’t stop Mac malware
* Mac malware disguised as Adobe Flash update
* Flashback Trojan poses as Flash Player installer
* Researchers warn of fake-PDF Mac Trojan
* Consumer interest in Apple not dampened by Jobs’ departure
* Kelihos Ring Sold ‘Botnet-As-A-Service’
* Hackers using QR codes to push Android malware

. . . and more

Microsoft’s botnet shutdown won’t stop Mac malware

There has been much discussion of the shutdown of the Kelihos botnet this week by Microsoft and Kaspersky. It is the third such action by the Microsoft Active Response for Security (MARS) initiative in recent memory. Taking down botnets is always good news and, even better, Microsoft named an individual defendant in their US court case this time. Full story : Chester Wisniewski, Naked Security

Mac malware disguised as Adobe Flash update

Warnings have been made about a new Mac Trojan downloader that appears as an installer for Adobe’s Flash Player. According to Mac security company Intego, ‘OSX/flashback.A’ encourages users visiting certain malicious websites to download and install Flash Player. Full story : SC Magazine UK

Flashback Trojan poses as Flash Player installer

Are Mac malware writers getting smarter? A recently discovered Trojan deactivates a popular security tool. Following the discovery of the Revir Trojan, security companies are warning of another new Mac Trojan, this time posing as an Adobe Flash installer. Dubbed Flashback by Intego (apparently the first to report it), the Trojan disables Little Snitch, a security product intended to alert users of any attempt by software to ‘phone home’. Full story : Stephen Withers – iTWire

Researchers warn of fake-PDF Mac Trojan

Apple’s Mac OS platform’s reputation for enhanced security has taken another hit as security researchers uncover a clever new Trojan spreading via spoof PDF files. Describing it as a ‘fascinating’ example of new-breed Mac malware, security expert Graham Cluley of Sophos claimed that Mac users need to be aware of the risks posed by supposedly ‘safe’ file formats like PDF. Full story : THINQ.co.uk

Consumer interest in Apple not dampened by Jobs’ departure

Apple’s stock value didn’t plummet when Steve Jobs announced his departure as CEO (nor should it have), and it looks like the reaction from consumers matches Wall Street’s optimism. In contrast, negative sentiments about the company (there were around 64,000 such statements in August as measured by ConsumerAffairs.com) focused mostly on ‘technical and pricing issues,’ including problems with software updates and concerns about the Mac malware that had been more of a problem earlier in the summer. Full story : GigaOm

Kelihos Ring Sold ‘Botnet-As-A-Service’

A Czech-based malware ring was so sophisticated it was able to sell time and space on its network of rogue computers to third parties in exchange for cash and other compensation, Microsoft charged in what may be a groundbreaking lawsuit against the group’s organizers. “The Kelihos Botnet operators sell botnet capacity as a service, including the capability of sending spam email to perpetuate fraud, to collect financial and personal data, and to distribute harmful and malicious software,” Microsoft alleged in court papers filed in U.S. District Court for Eastern Virginia. Full story : By Paul McDougall InformationWeek

Hackers using QR codes to push Android malware

The growing popularity of Quick Response (QR) codes on smart phones has officially become a new distribution vehicle for malware on Android devices. According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan. Full story : ZDNet (blog)